Thanks, but that's not the positive ack I'm looking for.
Maybe he did use a key created in 1996 & maybe that really is his key,
but I'd rather get the fingerprint from him instead of just searching
for a key that works.
$ gpg --verify rancid-3.7.tar.gz.sig rancid-3.7.tar.gz
gpg: Signature made Wed, Mar 7, 2018 7:32:42 PM EST
gpg: using RSA key 0x4B2BDD527A774C09
gpg: Can't check signature: public key not found
$ gpg --search-keys ***@shrubbery.net
gpg: searching for "***@shrubbery.net" from hkps server
hkps.pool.sks-keyservers.net
(1) John Heasley <***@shrubbery.net>
2048 bit RSA key 0xFC860A57C2B34FCB, created: 2015-07-06
(2) John Heasley <***@shrubbery.net>
2048 bit DSA key 0x4472A69EB6650559, created: 2015-04-23
(3) John Heasley <***@shrubbery.net>
1024 bit RSA key 0x0A5CE6407A774C09, created: 2014-06-16 (revoked)
(4) John Heasley <***@shrubbery.net>
1024 bit RSA key 0x4B2BDD527A774C09, created: 1996-12-20
Post by LeePost by LeeHello again and thanks for the answers!
My device happens to be SRX100b and version of the Rancid is 3.3.
I got from “apt-get install rancid cvs”
ftp://ftp.shrubbery.net/pub/ranciD
Which has a detached sig -- thank you!! But what key was used for signing?
mine
touché
I don't have your key, so verifying the fingerprint would be nice; a
file I can gpg --import even better
Thanks
Lee